When adding a load balancer, you must configure a virtual hostname, IP address, and listening port. The load balancer acts as the virtual host providing an entry point to the demilitarized zone (DMZ). You must configure the virtual host before you can install a web tier.

If your deployment has a load balancer, the virtual hostname must resolve to the public IP address of the load balancer.

If your deployment does not have a load balancer, the virtual hostname must resolve to the public IP address of your web tier.

If you change the name of the load balancer or use another load balancer, you must change the virtual hostname accordingly.

Before you begin

You must be a Super Admin.

The virtual hostname must be configured in the Domain Name System (DNS) to point to the load balancer.

Provide the IP address for each of the load balancers that you intend to use. You can add up to two load balancers.

The virtual host must be configured in the Domain Name System to point to the load balancers.

If you are not using a load balancer, leave the IP address blank.

Click Add.

Click Save.

The system saves the virtual hostname and key material in the keystore file.

On the confirmation page, read Mandatory Next Steps.

Click Done.

After you finish

In the Operations Console, perform the appropriate mandatory next steps.

If you updated load balancer details, you must reboot the primary and replica instances. In the Operations Console, click Maintenance > Reboot Appliance and reboot each instance.

If you updated the virtual hostname, generate a new integration script for each web-based application using RBA, and then redeploy the integration scripts.

If the deployment includes a web tier, update the web tier. In the Operations Console, click Deployment Configuration > Web-Tier Deployments > Manage Existing. Click the update link for each web tier.

If the deployment includes a web tier, replace the certificate on the load balancer and on the firewall with the virtual host certificate.

If the deployment uses dynamic seed provisioning, update the hostname and port for the CT-KIP URL with the hostname and port that you specified for the virtual host. In the Security Console, go to Setup > System Settings. Click Tokens.

If the deployment uses the RSA Self-Service Console, update the Self-Service Console URL with the hostname and port you specified for the virtual host. In the Security Console, go to Setup > Self-Service Settings. Click E-Mail Notifications for User Account Changes.